Windows 10: Direct Memory Access Attack Mitigation

The Microsoft documentation for mitigating DMA attacks includes the DataProtection/AllowDirectMemoryAccess policy. This states:


This policy setting allows you to block direct memory access (DMA) for all hot pluggable PCI downstream ports until a user logs into Windows.


My question is what is covered under "hot pluggable PCI downstream ports"


This link (https://www.synacktiv.com/posts/pentest/practical-dma-attack-on-windows-10.html) from May 2018 shows a DMA attack where they connect via an NVMe M.2 key B/M connector which gives them PCIe connectivity to carry out an attack using PCILeech.


Would the DataProtection/AllowDirectMemoryAccess policy prevent this attack i.e. would the NVMe M.2 key B/M connector be classed as a "hot pluggable PCI downstream port" and therefore protected?

:)

 

Mitigating speculative execution side-channel attacks in Edge and IE11

Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog


See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums

 

BitLocker and DMA and Memory Resilience attacks?


When you fully shut down your system then your memory controller and DIMMs are powered off. So, by definition, a DMA attack won't be possible since there's no memory to access and no path for devices to access memory.

 

Overclocking / Undervolting guide for Vega 56 or 64?

Here's a quick laundry list:

List of software to use for overclocking and testing
Examples:
Wattman (and how to find and use it, like an overview, including profiles)
Unigine Valley or Heaven (use this for quick testing while changing settings in Wattman and checking for stability / artifacts) ...just suggesting this
How to monitor cores / mem speeds and temps during testing (I've seen screen overlays, and others using GPUz)

Step-by step overclocking in Wattman
Fan speeds
Power limit
Temp limit
Voltages
Core speeds
Memory speeds